From f43d3e9f665be110237dc2a9053c24d1f93d7ece Mon Sep 17 00:00:00 2001 From: zhouzb Date: Fri, 6 Aug 2021 15:22:49 +0800 Subject: [PATCH] feat(authn redis): add api spec for redis authentication --- apps/emqx_authn/src/emqx_authn_api.erl | 91 +++++++++++++++++++++++++- 1 file changed, 90 insertions(+), 1 deletion(-) diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl index 63c536d5e..78ef5fd35 100644 --- a/apps/emqx_authn/src/emqx_authn_api.erl +++ b/apps/emqx_authn/src/emqx_authn_api.erl @@ -32,7 +32,7 @@ -define(EXAMPLE_1, #{name => <<"example 1">>, mechanism => <<"password-based">>, - server_type => <<"built-in-example">>, + server_type => <<"built-in-database">>, user_id_type => <<"username">>, password_hash_algorithm => #{ name => <<"sha256">> @@ -76,6 +76,16 @@ salt_position => <<"prefix">> }). +-define(EXAMPLE_5, #{name => <<"example 5">>, + mechanism => <<"password-based">>, + server_type => <<"redis">>, + server => <<"127.0.0.1:6379">>, + database => 0, + query => <<"HMGET ${mqtt-username} password_hash salt">>, + password_hash_algorithm => <<"sha256">>, + salt_position => <<"prefix">> + }). + -define(ERR_RESPONSE(Desc), #{description => Desc, content => #{ 'application/json' => #{ @@ -180,6 +190,10 @@ authenticators_api() -> mongodb => #{ summary => <<"Authentication with MongoDB">>, value => emqx_json:encode(?EXAMPLE_4) + }, + redis => #{ + summary => <<"Authentication with Redis">>, + value => emqx_json:encode(?EXAMPLE_5) } } } @@ -192,6 +206,7 @@ authenticators_api() -> 'application/json' => #{ schema => minirest:ref(<<"returned_authenticator">>), examples => #{ + %% TODO: return full content example1 => #{ summary => <<"Example 1">>, value => emqx_json:encode(maps:put(id, <<"example 1">>, ?EXAMPLE_1)) @@ -207,6 +222,10 @@ authenticators_api() -> example4 => #{ summary => <<"Example 4">>, value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4)) + }, + example5 => #{ + summary => <<"Example 4">>, + value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5)) } } } @@ -234,6 +253,7 @@ authenticators_api() -> , maps:put(id, <<"example 2">>, ?EXAMPLE_2) , maps:put(id, <<"example 3">>, ?EXAMPLE_3) , maps:put(id, <<"example 4">>, ?EXAMPLE_4) + , maps:put(id, <<"example 5">>, ?EXAMPLE_5) ]) } } @@ -281,6 +301,10 @@ authenticators_api2() -> example4 => #{ summary => <<"Example 4">>, value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4)) + }, + example5 => #{ + summary => <<"Example 5">>, + value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5)) } } } @@ -345,6 +369,10 @@ authenticators_api2() -> example4 => #{ summary => <<"Example 4">>, value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4)) + }, + example5 => #{ + summary => <<"Example 5">>, + value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5)) } } } @@ -1024,6 +1052,66 @@ definitions() -> } }, + PasswordBasedRedisDef = #{ + type => object, + required => [], + properties => #{ + server_type => #{ + type => string, + enum => [<<"redis">>], + example => [<<"redis">>] + }, + server => #{ + description => <<"Mutually exclusive with the 'servers' field, only valid in standalone mode">>, + type => string, + example => <<"127.0.0.1:27017">> + }, + servers => #{ + description => <<"Mutually exclusive with the 'server' field, only valid in cluster and sentinel mode">>, + type => array, + items => #{ + type => string + }, + example => [<<"127.0.0.1:27017">>] + }, + sentinel => #{ + description => <<"Only valid in sentinel mode">>, + type => string + }, + password => #{ + type => string + }, + database => #{ + type => integer, + exmaple => 0 + }, + query => #{ + type => string, + example => <<"HMGET ${mqtt-username} password_hash salt">> + }, + password_hash_algorithm => #{ + type => string, + enum => [<<"plain">>, <<"md5">>, <<"sha">>, <<"sha256">>, <<"sha512">>, <<"bcrypt">>], + default => <<"sha256">>, + example => <<"sha256">> + }, + salt_position => #{ + type => string, + enum => [<<"prefix">>, <<"suffix">>], + default => <<"prefix">>, + example => <<"prefix">> + }, + pool_size => #{ + type => integer, + default => 8 + }, + auto_reconnect => #{ + type => boolean, + default => true + } + } + }, + PasswordBasedHTTPServerDef = #{ type => object, required => [ server_type @@ -1155,6 +1243,7 @@ definitions() -> , #{<<"password_based_mysql">> => PasswordBasedMySQLDef} , #{<<"password_based_pgsql">> => PasswordBasedPgSQLDef} , #{<<"password_based_mongodb">> => PasswordBasedMongoDBDef} + , #{<<"password_based_redis">> => PasswordBasedRedisDef} , #{<<"password_based_http_server">> => PasswordBasedHTTPServerDef} , #{<<"password_hash_algorithm">> => PasswordHashAlgorithmDef} , #{<<"ssl">> => SSLDef}